http://trac.tiddlywiki.org/changeset/11804
BidiX
2010-03-06 10:50:02 -0800 (Sat, 06 Mar 2010)
86
Signed TiddlySaver.jar with new UnaMesa signing certificate. All files are up
to date.
---------------
D Trunk/core/java/ThawteCodeSigningCA.cer
D Trunk/core/java/ThawtePremiumServerCA.cer
A Trunk/core/java/UnaMesa-2.cer
A Trunk/core/java/UnaMesa-3.cer
D Trunk/core/java/UnaMesa.cer
A Trunk/core/java/UnaMesa.old.cer
U Trunk/core/java/sign.readme
U Trunk/core/java/verify.readme
---------------
Deleted: Trunk/core/java/ThawteCodeSigningCA.cer
Deleted: Trunk/core/java/ThawtePremiumServerCA.cer
Added: Trunk/core/java/UnaMesa-2.cer
===================================================================
--- Trunk/core/java/UnaMesa-2.cer (rev 0)
+++ Trunk/core/java/UnaMesa-2.cer 2010-03-06 18:50:02 UTC (rev 11804)
@@ -0,0 +1,38 @@
+-----BEGIN PKCS #7 SIGNED DATA-----
+MIAGCSqGSIb3DQEHAqCAMIACAQExADALBgkqhkiG9w0BBwGggDCCAyIwggKLoAMC
+AQICEEtycpHmJVBWKTR1fltuZYgwDQYJKoZIhvcNAQEFBQAwVTELMAkGA1UEBhMC
+WkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xHzAdBgNV
+BAMTFlRoYXd0ZSBDb2RlIFNpZ25pbmcgQ0EwHhcNMTAwMzA0MDAwMDAwWhcNMTIw
+MzAzMjM1OTU5WjBvMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTES
+MBAGA1UEBxMJUGFsbyBBbHRvMRAwDgYDVQQKFAdVbmFNZXNhMRMwEQYDVQQLFApU
+aWRkbHlXaWtpMRAwDgYDVQQDFAdVbmFNZXNhMIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDy7syNTVAWoApezeC5oKYWsS19uO87TgHcwqAG2R6U8pBVuHoKpzL9
+YpOnwIL3p+l/fHy5T8ghmxdX4d73RtHiHMFIL6ABrSvt/WxUKtyImleBv521pK5P
+S0sdBJWgWCSIV76YKxHdHTZfU83rNih1IGzxP+96MflXh4wPsVuvcwIDAQABo4HY
+MIHVMAwGA1UdEwEB/wQCMAAwPgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2NybC50
+aGF3dGUuY29tL1RoYXd0ZUNvZGVTaWduaW5nQ0EuY3JsMB8GA1UdJQQYMBYGCCsG
+AQUFBwMDBgorBgEEAYI3AgEWMB0GA1UdBAQWMBQwDjAMBgorBgEEAYI3AgEWAwIH
+gDAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnRoYXd0
+ZS5jb20wEQYJYIZIAYb4QgEBBAQDAgQQMA0GCSqGSIb3DQEBBQUAA4GBAHgyGc8J
+hNHrtizy6e4bWDlYBwVJiGPe1h0qTNrL9qGexHfF9Msik9CYCFHHv0NlatkP0g0L
+ZNkR4pTg7QFPBxfV/fh74SxnzadgyX5vsuohC3n7r7XLZy+vh/jeZR2Qt9QTkyxY
+AONfQLWpTUvFy6Rqb6KcPmW70s6t7NORkWF1MIIDTjCCAregAwIBAgIBCjANBgkq
+hkiG9w0BAQUFADCBzjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2Fw
+ZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGlu
+ZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEh
+MB8GA1UEAxMYVGhhd3RlIFByZW1pdW0gU2VydmVyIENBMSgwJgYJKoZIhvcNAQkB
+FhlwcmVtaXVtLXNlcnZlckB0aGF3dGUuY29tMB4XDTAzMDgwNjAwMDAwMFoXDTEz
+MDgwNTIzNTk1OVowVTELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25z
+dWx0aW5nIChQdHkpIEx0ZC4xHzAdBgNVBAMTFlRoYXd0ZSBDb2RlIFNpZ25pbmcg
+Q0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMa4uSdgrwvjkWll236N7ZHm
+qvG+1e3+bdQsf9Fwd/smmVe03T8wuNwh6miNgZL8LkuRNYQg8tpKurT85tqI8iDF
+IZIJR5WgCRymeb6xTB388YpuVNJpofFMkzpB/n3UZHtjRfdgYB0xHaTp0w+L+24m
+JLOo/+XlkNS0wtxQYK5ZAgMBAAGjgbMwgbAwEgYDVR0TAQH/BAgwBgEB/wIBADBA
+BgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLnRoYXd0ZS5jb20vVGhhd3RlUHJl
+bWl1bVNlcnZlckNBLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwMw
+DgYDVR0PAQH/BAQDAgEGMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFQcml2YXRl
+TGFiZWwyLTE0NDANBgkqhkiG9w0BAQUFAAOBgQB2spzuE58b9i00kpRFczTcjmsu
+XPxMfYnrw2jx15kPLh0XyLUWi77NigUG8hlJOgNbBckgjm1S4XaBoMNliiJn5BxT
+UzdGv7zXL+t7ntAURWxAIQjiXXV2ZjAe9N+Cii+986IMvx3bnxSimnI3TbB3SOhK
+PwnOVRks7+YHJOGv7AAAMQAAAAAAAAA=
+-----END PKCS #7 SIGNED DATA-----
\ No newline at end of file
Added: Trunk/core/java/UnaMesa-3.cer
===================================================================
(Binary files differ)
Property changes on: Trunk/core/java/UnaMesa-3.cer
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Deleted: Trunk/core/java/UnaMesa.cer
Added: Trunk/core/java/UnaMesa.old.cer
===================================================================
(Binary files differ)
Property changes on: Trunk/core/java/UnaMesa.old.cer
___________________________________________________________________
Name: svn:executable
+ *
Name: svn:mime-type
+ application/octet-stream
Modified: Trunk/core/java/sign.readme
===================================================================
--- Trunk/core/java/sign.readme 2010-03-06 18:48:10 UTC (rev 11803)
+++ Trunk/core/java/sign.readme 2010-03-06 18:50:02 UTC (rev 11804)
@@ -5,6 +5,9 @@
1 - HISTORY
+2010 03 06 - BidiX : Signing TiddlySaver.jar with a new Signing Certificate
+ The files were updated with the new
process used for signing (sorry my Macbook was configured in French)
+ New signed TiddlySaver.jar was tested
with Safari 4.0.4 on MacOS 10.6.2
2008 04 06 - BidiX : documentation
2008 04 06 - BidiX : create TiddlySaverVerify.keystore
2008 03 27 - BidiX : Signing TiddlySaver.jar
@@ -16,235 +19,305 @@
2 - UNAMESA.KEYSTORE CREATION
Using this command:
+----------------
> keytool -genkey -keyalg RSA -alias BidiX -keystore UnaMesa.keystore
-and filled required fields (assigning a password for keystore)
+Tapez le mot de passe du Keystore :
+Ressaisissez le nouveau mot de passe :
+Quels sont vos pr?nom et nom ?
+ [Unknown] : BidiX
+Quel est le nom de votre unit? organisationnelle ?
+ [Unknown] : TiddlyWiki
+Quelle est le nom de votre organisation ?
+ [Unknown] : UnaMesa
+Quel est le nom de votre ville de r?sidence ?
+ [Unknown] : Palo Alto
+Quel est le nom de votre ?tat ou province ?
+ [Unknown] : California
+Quel est le code de pays ? deux lettres pour cette unit? ?
+ [Unknown] : US
+Est-ce CN=BidiX, OU=TiddlyWiki, O=UnaMesa, L=Palo Alto, ST=California, C=US ?
+ [non] : OUI
+Sp?cifiez le mot de passe de la cl? pour <BidiX>
+ (appuyez sur Entr?e s'il s'agit du mot de passe du Keystore) :
+Ressaisissez le nouveau mot de passe :
+---------------
+
For security reasons the Keystore is kept in a safe place in BidiX environment
(BidiX @ bidix.info)
3 - CERTICATE REQUEST
+Using this command :
+--------------
+> keytool -certreq -alias BidiX -file certreq -keystore UnaMesa.keystore
-storepass "???"
+> cat certreq
+-----BEGIN NEW CERTIFICATE REQUEST-----
+MIIBrTCCARYCAQAwbTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEjAQBgNVBAcT
+...
+sxoX+IbLVSs4Ye4HDqFodRkmehWBJsdWpQa/yji72pY+eA3fCgTt57VL+san9pPaLcwPfAiL23cD
+R1j/y2RjQYLpE0PH+vQXn26xNeUDo2OONijyG0RLIX57yA==
+-----END NEW CERTIFICATE REQUEST-----
+---------------
+Certificate received
+-----BEGIN PKCS #7 SIGNED DATA-----
+MIAGCSqGSIb3DQEHAqCAMIACAQExADALBgkqhkiG9w0BBwGggDCCAyIwggKLoAMC
+...
+PwnOVRks7+YHJOGv7AAAMQAAAAAAAAA=
+-----END PKCS #7 SIGNED DATA-----
+copied in UnaMesa-2.cer
-Using this command:
-> keytool -certreq -alias BidiX -file certreq -keystore UnaMesa.keystore
-and pasting result in form at Thawtle site
+4 - ADDING CERTICATE TO KEYSTORE
+---------------
+> keytool -import -alias BidiX -trustcacerts -file UnaMesa-2.cer -keystore
UnaMesa.keystore
+Tapez le mot de passe du Keystore :
+R?ponse de certificat install?e dans le Keystore
+---------------
+List Keystore
+---------------
+> keytool -list -v -alias BidiX -keystore UnaMesa.keystore
+Tapez le mot de passe du Keystore :
+Nom d'alias : BidiX
+Date de cr?ation : 6 mars 2010
+Type dentr?e?: {0}
+Longueur de cha?ne du certificat : 3
+Certificat[1]:
+Propri?taire?: CN=UnaMesa, OU=TiddlyWiki, O=UnaMesa, L=Palo Alto,
ST=California, C=US
+?metteur?: CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
+Num?ro de s?rie?: 4b727291e62550562934757e5b6e6588
+Valide du?: Thu Mar 04 01:00:00 CET 2010 au?: Sun Mar 04 00:59:59 CET 2012
+Empreintes du certificat?:
+ MD5?: 1B:79:CE:47:BE:A9:E4:04:2A:DD:04:F5:BA:62:64:AD
+ SHA1?: 42:A9:6F:4D:C3:20:F8:7F:90:1A:1F:A5:66:92:ED:06:38:19:1E:D4
+ Nom de lalgorithme de signature?: {7}
+ Version?: {8}
+Extensions?:
-4 - ADDING CERTICATES TO KEYSTORE
+#1: ObjectId: 2.5.29.19 Criticality=true
+BasicConstraints:[
+ CA:false
+ PathLen: undefined
+]
-Adding Certificate Chain by importing in keystore:
- - UnaMesa Certificate
- - Thawte Code Signing CA Certificate
- - Thawte Premium Server CA Certificate
-
-> keytool -list -v -keystore UnaMesa.keystore
+#2: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
+AuthorityInfoAccess [
+ [accessMethod: 1.3.6.1.5.5.7.48.1
+ accessLocation: URIName: http://ocsp.thawte.com]
+]
-Keystore type: jks
-Keystore provider: SUN
+#3: ObjectId: 2.5.29.4 Criticality=false
-Your keystore contains 3 entries
+#4: ObjectId: 2.5.29.31 Criticality=false
+CRLDistributionPoints [
+ [DistributionPoint:
+ [URIName: http://crl.thawte.com/ThawteCodeSigningCA.crl]
+]]
-Alias name: rootca
-Creation date: Mar 27, 2008
-Entry type: trustedCertEntry
+#5: ObjectId: 2.5.29.37 Criticality=false
+ExtendedKeyUsages [
+ codeSigning
+ 1.3.6.1.4.1.311.2.1.22
+]
-Owner: [email protected], CN=Thawte Premium Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
-Issuer: [email protected], CN=Thawte Premium Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
-Serial number: 1
-Valid from: Thu Aug 01 02:00:00 CEST 1996 until: Fri Jan 01 00:59:59 CET 2021
-Certificate fingerprints:
- MD5: 06:9F:69:79:16:66:90:02:1B:8C:8C:A2:C3:07:6F:3A
- SHA1: 62:7F:8D:78:27:65:63:99:D2:7D:7F:90:44:C9:FE:B3:F3:3E:FA:9A
+#6: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
+NetscapeCertType [
+ Object Signing
+]
+Certificat[2]:
+Propri?taire?: CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
+?metteur?: [email protected], CN=Thawte Premium Server
CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
+Num?ro de s?rie?: a
+Valide du?: Wed Aug 06 02:00:00 CEST 2003 au?: Tue Aug 06 01:59:59 CEST 2013
+Empreintes du certificat?:
+ MD5?: D4:A7:BF:00:7B:6A:0C:20:D9:23:CD:5B:60:7B:7C:12
+ SHA1?: A7:06:BA:1E:CA:B6:A2:AB:18:69:9F:C0:D7:DD:8C:7D:E3:6F:29:0F
+ Nom de lalgorithme de signature?: {7}
+ Version?: {8}
-*******************************************
-*******************************************
+Extensions?:
+#1: ObjectId: 2.5.29.15 Criticality=true
+KeyUsage [
+ Key_CertSign
+ Crl_Sign
+]
-Alias name: bidix
-Creation date: Mar 26, 2008
-Entry type: keyEntry
-Certificate chain length: 3
-Certificate[1]:
-Owner: CN=UnaMesa Association, OU=TiddlyWiki, O=UnaMesa Association, L=Menlo
Park, ST=California, C=US
-Issuer: CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
-Serial number: 216daade0a7b241446c142eec8d2c6a9
-Valid from: Wed Mar 26 01:00:00 CET 2008 until: Sat Mar 27 00:59:59 CET 2010
-Certificate fingerprints:
- MD5: 1D:C3:CA:0F:8E:9F:02:96:C1:F7:A5:B5:7E:79:E3:31
- SHA1: A7:B8:B7:BF:BA:AB:A6:95:5A:BB:F4:2C:F9:91:62:7F:3E:64:3D:A0
-Certificate[2]:
-Owner: CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
-Issuer: [email protected], CN=Thawte Premium Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
-Serial number: a
-Valid from: Wed Aug 06 02:00:00 CEST 2003 until: Tue Aug 06 01:59:59 CEST 2013
-Certificate fingerprints:
- MD5: D4:A7:BF:00:7B:6A:0C:20:D9:23:CD:5B:60:7B:7C:12
- SHA1: A7:06:BA:1E:CA:B6:A2:AB:18:69:9F:C0:D7:DD:8C:7D:E3:6F:29:0F
-Certificate[3]:
-Owner: [email protected], CN=Thawte Premium Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
-Issuer: [email protected], CN=Thawte Premium Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
-Serial number: 1
-Valid from: Thu Aug 01 02:00:00 CEST 1996 until: Fri Jan 01 00:59:59 CET 2021
-Certificate fingerprints:
- MD5: 06:9F:69:79:16:66:90:02:1B:8C:8C:A2:C3:07:6F:3A
- SHA1: 62:7F:8D:78:27:65:63:99:D2:7D:7F:90:44:C9:FE:B3:F3:3E:FA:9A
+#2: ObjectId: 2.5.29.19 Criticality=true
+BasicConstraints:[
+ CA:true
+ PathLen:0
+]
+#3: ObjectId: 2.5.29.31 Criticality=false
+CRLDistributionPoints [
+ [DistributionPoint:
+ [URIName: http://crl.thawte.com/ThawtePremiumServerCA.crl]
+]]
-*******************************************
-*******************************************
+#4: ObjectId: 2.5.29.37 Criticality=false
+ExtendedKeyUsages [
+ clientAuth
+ codeSigning
+]
+#5: ObjectId: 2.5.29.17 Criticality=false
+SubjectAlternativeName [
+ CN=PrivateLabel2-144
+]
-Alias name: signingca
-Creation date: Mar 27, 2008
-Entry type: trustedCertEntry
+Certificat[3]:
+Propri?taire?: [email protected], CN=Thawte Premium
Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape
Town, ST=Western Cape, C=ZA
+?metteur?: [email protected], CN=Thawte Premium Server
CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
+Num?ro de s?rie?: 1
+Valide du?: Thu Aug 01 02:00:00 CEST 1996 au?: Fri Jan 01 00:59:59 CET 2021
+Empreintes du certificat?:
+ MD5?: 06:9F:69:79:16:66:90:02:1B:8C:8C:A2:C3:07:6F:3A
+ SHA1?: 62:7F:8D:78:27:65:63:99:D2:7D:7F:90:44:C9:FE:B3:F3:3E:FA:9A
+ Nom de lalgorithme de signature?: {7}
+ Version?: {8}
-Owner: CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
-Issuer: [email protected], CN=Thawte Premium Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
-Serial number: a
-Valid from: Wed Aug 06 02:00:00 CEST 2003 until: Tue Aug 06 01:59:59 CEST 2013
-Certificate fingerprints:
- MD5: D4:A7:BF:00:7B:6A:0C:20:D9:23:CD:5B:60:7B:7C:12
- SHA1: A7:06:BA:1E:CA:B6:A2:AB:18:69:9F:C0:D7:DD:8C:7D:E3:6F:29:0F
+Extensions?:
+#1: ObjectId: 2.5.29.19 Criticality=true
+BasicConstraints:[
+ CA:true
+ PathLen:2147483647
+]
+---------------
-*******************************************
-*******************************************
-
-
5 - SIGNING TIDDLYSAVER.JAR
Get TiddlySaver.jar from
http://trac.tiddlywiki.org/browser/Trunk/core/java/TiddlySaver.jar.
TiddlySaver.jar contained classes compiled on Thu Dec 07 14:48:00 CET 2006
-With UnaMesa.keystore in the current directory Signing jar on Thu Mar 27
07:59:12 CET 2008 using this command :
+With UnaMesa.keystore in the current directory Signing jar on Sam 6 mar 2010
15:16:04 CET using this command :
+---------------
> jarsigner -keystore UnaMesa.keystore TiddlySaver.jar BidiX
+Enter Passphrase for keystore:
+---------------
+6 - VERIFYING SIGNATURE WITHOUT KEYSTORE
+---------------
+> jarsigner -verify -verbose TiddlySaver.jar
-6 - VERIFYING SIGNATURE WITH UNAMESA KEYSTORE
-
-> jarsigner -verify -verbose -certs -keystore UnaMesa.keystore TiddlySaver.jar
BidiX
-
284 Thu Mar 27 07:59:12 CET 2008 META-INF/MANIFEST.MF
- 395 Thu Mar 27 07:59:12 CET 2008 META-INF/BIDIX.SF
- 2830 Thu Mar 27 07:59:12 CET 2008 META-INF/BIDIX.RSA
+ 395 Sat Mar 06 15:16:04 CET 2010 META-INF/BIDIX.SF
+ 2798 Sat Mar 06 15:16:04 CET 2010 META-INF/BIDIX.RSA
0 Thu Dec 07 14:48:00 CET 2006 META-INF/
-smk 1271 Thu Dec 07 14:48:00 CET 2006 TiddlySaver$1.class
+sm 1271 Thu Dec 07 14:48:00 CET 2006 TiddlySaver$1.class
+sm 1184 Thu Dec 07 14:48:00 CET 2006 TiddlySaver$2.class
+sm 775 Thu Dec 07 14:48:00 CET 2006 TiddlySaver.class
- X.509, CN=UnaMesa Association, OU=TiddlyWiki, O=UnaMesa Association,
L=Menlo Park, ST=California, C=US (bidix)
- [certificate is valid from 26/03/08 01:00 to 27/03/10 00:59]
- X.509, CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
(signingca)
- [certificate is valid from 06/08/03 02:00 to 06/08/13 01:59]
- X.509, [email protected], CN=Thawte Premium Server
CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA (rootca)
- [certificate is valid from 01/08/96 02:00 to 01/01/21 00:59]
-
-smk 1184 Thu Dec 07 14:48:00 CET 2006 TiddlySaver$2.class
-
- X.509, CN=UnaMesa Association, OU=TiddlyWiki, O=UnaMesa Association,
L=Menlo Park, ST=California, C=US (bidix)
- [certificate is valid from 26/03/08 01:00 to 27/03/10 00:59]
- X.509, CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
(signingca)
- [certificate is valid from 06/08/03 02:00 to 06/08/13 01:59]
- X.509, [email protected], CN=Thawte Premium Server
CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA (rootca)
- [certificate is valid from 01/08/96 02:00 to 01/01/21 00:59]
-
-smk 775 Thu Dec 07 14:48:00 CET 2006 TiddlySaver.class
-
- X.509, CN=UnaMesa Association, OU=TiddlyWiki, O=UnaMesa Association,
L=Menlo Park, ST=California, C=US (bidix)
- [certificate is valid from 26/03/08 01:00 to 27/03/10 00:59]
- X.509, CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
(signingca)
- [certificate is valid from 06/08/03 02:00 to 06/08/13 01:59]
- X.509, [email protected], CN=Thawte Premium Server
CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA (rootca)
- [certificate is valid from 01/08/96 02:00 to 01/01/21 00:59]
-
-
s = signature was verified
m = entry is listed in manifest
k = at least one certificate was found in keystore
i = at least one certificate was found in identity scope
jar verified.
+---------------
+7 - CREATE TiddlySaverVerify.keystore KEYSTORE
+export SigningCertificate
+---------------
+> keytool -export -alias BidiX -file UnaMesa-3.cer -keystore UnaMesa.keystore
+Tapez le mot de passe du Keystore :
+Certificat enregistr? dans le fichier <UnaMesa-3.cer>
+---------------
+create keystore "TiddlySaverVerify.keystore" with "tiddlywiki" as password and
import SigningCertificate
+---------------
+> keytool -import -alias BidiX -keystore TiddlySaverVerify.keystore -storepass
tiddlywiki -file UnaMesa-3.cer
+Propri?taire?: CN=UnaMesa, OU=TiddlyWiki, O=UnaMesa, L=Palo Alto,
ST=California, C=US
+?metteur?: CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
+Num?ro de s?rie?: 4b727291e62550562934757e5b6e6588
+Valide du?: Thu Mar 04 01:00:00 CET 2010 au?: Sun Mar 04 00:59:59 CET 2012
+Empreintes du certificat?:
+ MD5?: 1B:79:CE:47:BE:A9:E4:04:2A:DD:04:F5:BA:62:64:AD
+ SHA1?: 42:A9:6F:4D:C3:20:F8:7F:90:1A:1F:A5:66:92:ED:06:38:19:1E:D4
+ Nom de lalgorithme de signature?: {7}
+ Version?: {8}
-6 - VERIFYING SIGNATURE WITHOUT KEYSTORE
+Extensions?:
-> jarsigner -verify -verbose TiddlySaver.jar
- 274 Sun Apr 06 12:16:04 CEST 2008 META-INF/MANIFEST.MF
- 395 Sun Apr 06 12:16:04 CEST 2008 META-INF/BIDIX.SF
- 2830 Sun Apr 06 12:16:04 CEST 2008 META-INF/BIDIX.RSA
- 0 Sun Apr 06 12:16:00 CEST 2008 META-INF/
-sm 1271 Sun Apr 06 12:16:00 CEST 2008 TiddlySaver$1.class
-sm 1184 Sun Apr 06 12:16:00 CEST 2008 TiddlySaver$2.class
-sm 775 Sun Apr 06 12:16:00 CEST 2008 TiddlySaver.class
+#1: ObjectId: 2.5.29.19 Criticality=true
+BasicConstraints:[
+ CA:false
+ PathLen: undefined
+]
- s = signature was verified
- m = entry is listed in manifest
- k = at least one certificate was found in keystore
- i = at least one certificate was found in identity scope
+#2: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
+AuthorityInfoAccess [
+ [accessMethod: 1.3.6.1.5.5.7.48.1
+ accessLocation: URIName: http://ocsp.thawte.com]
+]
-jar verified.
+#3: ObjectId: 2.5.29.4 Criticality=false
+#4: ObjectId: 2.5.29.31 Criticality=false
+CRLDistributionPoints [
+ [DistributionPoint:
+ [URIName: http://crl.thawte.com/ThawteCodeSigningCA.crl]
+]]
-7 - CREATE TIDDLYSAVERVERIFY KEYSTORE
+#5: ObjectId: 2.5.29.37 Criticality=false
+ExtendedKeyUsages [
+ codeSigning
+ 1.3.6.1.4.1.311.2.1.22
+]
-Import Certificates (Public keys only) in a new keystore named
TiddlySaverVerify.keystore
->keytool -import -alias rootca -keystore TiddlySaverVerify.keystore -storepass
tiddlywiki -file ThawtePremiumServerCA.cer
->keytool -import -alias signingca -keystore TiddlySaverVerify.keystore
-storepass tiddlywiki -file ThawteCodeSigningCA.cer
->keytool -import -alias bidix -keystore TiddlySaverVerify.keystore -storepass
tiddlywiki -file UnaMesa.cer
+#6: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
+NetscapeCertType [
+ Object Signing
+]
-List Certificates in Keystore:
-> keytool -list -v -keystore TiddlySaverVerify.keystore -storepass tiddlywiki
+Faire confiance ? ce certificat ? [non] : Y
+R?ponse incorrecte, recommencez
+Faire confiance ? ce certificat ? [non] : oui
+Certificat ajout? au Keystore
+---------------
+8 - VERIFYING SIGNATURE WITH TiddlySaverVerify.keystore
+---------------
+> jarsigner -verify -verbose -certs -keystore TiddlySaverVerify.keystore
TiddlySaver.jar
+ 284 Thu Mar 27 07:59:12 CET 2008 META-INF/MANIFEST.MF
+ 395 Sat Mar 06 15:16:04 CET 2010 META-INF/BIDIX.SF
+ 2798 Sat Mar 06 15:16:04 CET 2010 META-INF/BIDIX.RSA
+ 0 Thu Dec 07 14:48:00 CET 2006 META-INF/
+smk 1271 Thu Dec 07 14:48:00 CET 2006 TiddlySaver$1.class
-Keystore type: jks
-Keystore provider: SUN
+ X.509, CN=UnaMesa, OU=TiddlyWiki, O=UnaMesa, L=Palo Alto, ST=California,
C=US (bidix)
+ [certificate is valid from 04/03/10 01:00 to 04/03/12 00:59]
+ X.509, CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
+ [certificate is valid from 06/08/03 02:00 to 06/08/13 01:59]
+ [KeyUsage extension does not support code signing]
+ X.509, [email protected], CN=Thawte Premium Server
CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
+ [certificate is valid from 01/08/96 02:00 to 01/01/21 00:59]
-Your keystore contains 3 entries
+smk 1184 Thu Dec 07 14:48:00 CET 2006 TiddlySaver$2.class
-Alias name: rootca
-Creation date: Apr 6, 2008
-Entry type: trustedCertEntry
+ X.509, CN=UnaMesa, OU=TiddlyWiki, O=UnaMesa, L=Palo Alto, ST=California,
C=US (bidix)
+ [certificate is valid from 04/03/10 01:00 to 04/03/12 00:59]
+ X.509, CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
+ [certificate is valid from 06/08/03 02:00 to 06/08/13 01:59]
+ [KeyUsage extension does not support code signing]
+ X.509, [email protected], CN=Thawte Premium Server
CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
+ [certificate is valid from 01/08/96 02:00 to 01/01/21 00:59]
-Owner: [email protected], CN=Thawte Premium Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
-Issuer: [email protected], CN=Thawte Premium Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
-Serial number: 1
-Valid from: Thu Aug 01 02:00:00 CEST 1996 until: Fri Jan 01 00:59:59 CET 2021
-Certificate fingerprints:
- MD5: 06:9F:69:79:16:66:90:02:1B:8C:8C:A2:C3:07:6F:3A
- SHA1: 62:7F:8D:78:27:65:63:99:D2:7D:7F:90:44:C9:FE:B3:F3:3E:FA:9A
+smk 775 Thu Dec 07 14:48:00 CET 2006 TiddlySaver.class
+ X.509, CN=UnaMesa, OU=TiddlyWiki, O=UnaMesa, L=Palo Alto, ST=California,
C=US (bidix)
+ [certificate is valid from 04/03/10 01:00 to 04/03/12 00:59]
+ X.509, CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
+ [certificate is valid from 06/08/03 02:00 to 06/08/13 01:59]
+ [KeyUsage extension does not support code signing]
+ X.509, [email protected], CN=Thawte Premium Server
CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
+ [certificate is valid from 01/08/96 02:00 to 01/01/21 00:59]
-*******************************************
-*******************************************
+ s = signature was verified
+ m = entry is listed in manifest
+ k = at least one certificate was found in keystore
+ i = at least one certificate was found in identity scope
-Alias name: bidix
-Creation date: Apr 6, 2008
-Entry type: trustedCertEntry
-
-Owner: CN=UnaMesa Association, OU=TiddlyWiki, O=UnaMesa Association, L=Menlo
Park, ST=California, C=US
-Issuer: CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
-Serial number: 216daade0a7b241446c142eec8d2c6a9
-Valid from: Wed Mar 26 01:00:00 CET 2008 until: Sat Mar 27 00:59:59 CET 2010
-Certificate fingerprints:
- MD5: 1D:C3:CA:0F:8E:9F:02:96:C1:F7:A5:B5:7E:79:E3:31
- SHA1: A7:B8:B7:BF:BA:AB:A6:95:5A:BB:F4:2C:F9:91:62:7F:3E:64:3D:A0
-
-
-*******************************************
-*******************************************
-
-
-Alias name: signingca
-Creation date: Apr 6, 2008
-Entry type: trustedCertEntry
-
-Owner: CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
-Issuer: [email protected], CN=Thawte Premium Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
-Serial number: a
-Valid from: Wed Aug 06 02:00:00 CEST 2003 until: Tue Aug 06 01:59:59 CEST 2013
-Certificate fingerprints:
- MD5: D4:A7:BF:00:7B:6A:0C:20:D9:23:CD:5B:60:7B:7C:12
- SHA1: A7:06:BA:1E:CA:B6:A2:AB:18:69:9F:C0:D7:DD:8C:7D:E3:6F:29:0F
-
-
-*******************************************
-*******************************************
+jar verified.
+---------------
\ No newline at end of file
Modified: Trunk/core/java/verify.readme
===================================================================
--- Trunk/core/java/verify.readme 2010-03-06 18:48:10 UTC (rev 11803)
+++ Trunk/core/java/verify.readme 2010-03-06 18:50:02 UTC (rev 11804)
@@ -2,43 +2,45 @@
Above the verifying command and the expected return:
-> jarsigner -verify -verbose -certs -keystore TiddlySaverVerify.keystore
-keypass tiddlywiki TiddlySaver.jar
+> jarsigner -verify -verbose -certs -keystore TiddlySaverVerify.keystore
TiddlySaver.jar
+ 284 Thu Mar 27 07:59:12 CET 2008 META-INF/MANIFEST.MF
+ 395 Sat Mar 06 15:16:04 CET 2010 META-INF/BIDIX.SF
+ 2798 Sat Mar 06 15:16:04 CET 2010 META-INF/BIDIX.RSA
+ 0 Thu Dec 07 14:48:00 CET 2006 META-INF/
+smk 1271 Thu Dec 07 14:48:00 CET 2006 TiddlySaver$1.class
- 284 Thu Mar 27 07:59:12 CET 2008 META-INF/MANIFEST.MF
- 395 Thu Mar 27 07:59:12 CET 2008 META-INF/BIDIX.SF
- 2830 Thu Mar 27 07:59:12 CET 2008 META-INF/BIDIX.RSA
- 0 Thu Dec 07 14:48:00 CET 2006 META-INF/
- smk 1271 Thu Dec 07 14:48:00 CET 2006 TiddlySaver$1.class
+ X.509, CN=UnaMesa, OU=TiddlyWiki, O=UnaMesa, L=Palo Alto, ST=California,
C=US (bidix)
+ [certificate is valid from 04/03/10 01:00 to 04/03/12 00:59]
+ X.509, CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
+ [certificate is valid from 06/08/03 02:00 to 06/08/13 01:59]
+ [KeyUsage extension does not support code signing]
+ X.509, [email protected], CN=Thawte Premium Server
CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
+ [certificate is valid from 01/08/96 02:00 to 01/01/21 00:59]
- X.509, CN=UnaMesa Association, OU=TiddlyWiki, O=UnaMesa
Association, L=Menlo Park, ST=California, C=US (bidix)
- [certificate is valid from 3/26/08 1:00 AM to 3/27/10 12:59 AM]
- X.509, CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd.,
C=ZA (signingca)
- [certificate is valid from 8/6/03 2:00 AM to 8/6/13 1:59 AM]
- X.509, [email protected], CN=Thawte Premium
Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape
Town, ST=Western Cape, C=ZA (rootca)
- [certificate is valid from 8/1/96 2:00 AM to 1/1/21 12:59 AM]
+smk 1184 Thu Dec 07 14:48:00 CET 2006 TiddlySaver$2.class
- smk 1184 Thu Dec 07 14:48:00 CET 2006 TiddlySaver$2.class
+ X.509, CN=UnaMesa, OU=TiddlyWiki, O=UnaMesa, L=Palo Alto, ST=California,
C=US (bidix)
+ [certificate is valid from 04/03/10 01:00 to 04/03/12 00:59]
+ X.509, CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
+ [certificate is valid from 06/08/03 02:00 to 06/08/13 01:59]
+ [KeyUsage extension does not support code signing]
+ X.509, [email protected], CN=Thawte Premium Server
CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
+ [certificate is valid from 01/08/96 02:00 to 01/01/21 00:59]
- X.509, CN=UnaMesa Association, OU=TiddlyWiki, O=UnaMesa
Association, L=Menlo Park, ST=California, C=US (bidix)
- [certificate is valid from 3/26/08 1:00 AM to 3/27/10 12:59 AM]
- X.509, CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd.,
C=ZA (signingca)
- [certificate is valid from 8/6/03 2:00 AM to 8/6/13 1:59 AM]
- X.509, [email protected], CN=Thawte Premium
Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape
Town, ST=Western Cape, C=ZA (rootca)
- [certificate is valid from 8/1/96 2:00 AM to 1/1/21 12:59 AM]
+smk 775 Thu Dec 07 14:48:00 CET 2006 TiddlySaver.class
- smk 775 Thu Dec 07 14:48:00 CET 2006 TiddlySaver.class
+ X.509, CN=UnaMesa, OU=TiddlyWiki, O=UnaMesa, L=Palo Alto, ST=California,
C=US (bidix)
+ [certificate is valid from 04/03/10 01:00 to 04/03/12 00:59]
+ X.509, CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
+ [certificate is valid from 06/08/03 02:00 to 06/08/13 01:59]
+ [KeyUsage extension does not support code signing]
+ X.509, [email protected], CN=Thawte Premium Server
CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
+ [certificate is valid from 01/08/96 02:00 to 01/01/21 00:59]
- X.509, CN=UnaMesa Association, OU=TiddlyWiki, O=UnaMesa
Association, L=Menlo Park, ST=California, C=US (bidix)
- [certificate is valid from 3/26/08 1:00 AM to 3/27/10 12:59 AM]
- X.509, CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd.,
C=ZA (signingca)
- [certificate is valid from 8/6/03 2:00 AM to 8/6/13 1:59 AM]
- X.509, [email protected], CN=Thawte Premium
Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape
Town, ST=Western Cape, C=ZA (rootca)
- [certificate is valid from 8/1/96 2:00 AM to 1/1/21 12:59 AM]
+ s = signature was verified
+ m = entry is listed in manifest
+ k = at least one certificate was found in keystore
+ i = at least one certificate was found in identity scope
- s = signature was verified
- m = entry is listed in manifest
- k = at least one certificate was found in keystore
- i = at least one certificate was found in identity scope
-
- jar verified.
+jar verified.
--
You received this message because you are subscribed to the Google Groups
"TiddlyWikiDev" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/tiddlywikidev?hl=en.
